package com.xiao.springbootxssfilter.util;

import java.util.Objects;

/**
*@ClassName: XssUtil
*@Description: XSS utility class: entity-encodes HTML metacharacters in a string
*@Params:
*@Return:
*@Author xxw
*@Date 2021/4/2
*/

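public class XssUtil {
    /**
     * Neutralises HTML metacharacters in a single untrusted string value.
     *
     * <p>Processing order matters. The two pattern rules run first, on the raw
     * input, because they look for literal parentheses and quotes; the entity
     * encoding runs last and rewrites exactly those characters. Placed after the
     * encoding, the {@code eval(...)} rule and the single-quote branch of the
     * {@code javascript:} rule can never match.
     *
     * <p>Characters encoded: {@code <}, {@code >}, {@code (}, {@code )},
     * {@code '} and {@code "}. The double quote is included because it delimits
     * attribute values just as the single quote does; leaving it raw lets a value
     * end a double-quoted attribute it is rendered into.
     *
     * <p>Limits a caller should know about:
     * <ul>
     *   <li>{@code &} is left as-is, so character references already present in
     *       the input pass through unchanged.</li>
     *   <li>The pattern rules are case-sensitive and greedy (they consume up to
     *       the last closing delimiter on the same line); they are coarse
     *       defence in depth, not the primary control.</li>
     *   <li>Input-side filtering does not replace context-aware output encoding
     *       when the value is rendered into attribute, URL or script contexts.</li>
     * </ul>
     *
     * <p>NOTE(review): callers are not visible from this file. This assumes
     * {@code value} is one field or parameter value, not a serialized document
     * whose own syntax uses double quotes; confirm against the callers.
     *
     * @param value the untrusted text; may be {@code null}
     * @return the filtered and encoded text, or {@code null} when {@code value}
     *         is {@code null}
     */
    public static String cleanXss(String value) {

        // Nothing to filter: a null input is handed back as null.
        if (Objects.isNull(value)) {
            return null;
        }

        // Pattern rules see the raw text. The word boundary keeps the eval rule
        // from firing inside longer words such as "retrieval(".
        String stripped = value
                .replaceAll("\\beval\\((.*)\\)", "")
                .replaceAll("[\"'][\\s]*javascript:(.*)[\"']", "\"\"");

        // Single pass over the characters; no regex is needed for literal swaps.
        StringBuilder encoded = new StringBuilder(stripped.length() + 16);
        for (int i = 0; i < stripped.length(); i++) {
            char c = stripped.charAt(i);
            switch (c) {
                case '<':
                    encoded.append("&lt;");
                    break;
                case '>':
                    encoded.append("&gt;");
                    break;
                case '(':
                    encoded.append("&#40;");
                    break;
                case ')':
                    encoded.append("&#41;");
                    break;
                case '\'':
                    encoded.append("&#39;");
                    break;
                case '"':
                    encoded.append("&quot;");
                    break;
                default:
                    encoded.append(c);
            }
        }
        return encoded.toString();

    }
}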
